mirror of https://github.com/haiwen/seahub.git synced 2025-09-03 07:55:36 +00:00

repair security-hole (#2415)

* repair security-hole

* optimized code
shanshuirenjia
2018-09-30 12:19:30 +08:00
committed by Daniel Pan
parent 3a67d78016
commit fb0fc6f7ec
6 changed files with 2894 additions and 3125 deletions

File diff suppressed because it is too large Load Diff


@@ -28,7 +28,7 @@
"seafile-ui": "^0.1.10", "seafile-ui": "^0.1.10",
"sw-precache-webpack-plugin": "0.11.4", "sw-precache-webpack-plugin": "0.11.4",
"url-loader": "0.6.2", "url-loader": "0.6.2",
"url-parse": "^1.4.0", "url-parse": "^1.4.3",
"whatwg-fetch": "2.0.3" "whatwg-fetch": "2.0.3"
}, },
"scripts": { "scripts": {


@@ -1,62 +1,62 @@
import React from 'react'; import React from 'react';
import { seafileAPI } from '../../utils/seafile-api'; import { seafileAPI } from '../../utils/seafile-api';
const gettext = window.gettext; const gettext = window.gettext;
class Notification extends React.Component { class Notification extends React.Component {
constructor(props) { constructor(props) {
super(props); super(props);
this.state = { this.state = {
showNotice: false, showNotice: false,
notice_html: '' notice_html: ''
} }
} }
onClick = () => { onClick = () => {
this.setState({ this.setState({
showNotice: !this.state.showNotice showNotice: !this.state.showNotice
}) })
if (!this.state.showNotice) { if (!this.state.showNotice) {
this.loadNotices() this.loadNotices()
} }
if (this.state.showNotice) { if (this.state.showNotice) {
seafileAPI.updateNotifications() seafileAPI.updateNotifications()
} }
} }
loadNotices = () => { loadNotices = () => {
seafileAPI.listPopupNotices().then(res => { seafileAPI.listPopupNotices().then(res => {
this.setState({ this.setState({
notice_html: res.data.notice_html notice_html: res.data.notice_html
}) })
}) })
} }
render() { render() {
const { notice_html } = this.state; const { notice_html } = this.state;
return ( return (
<div id="notifications"> <div id="notifications">
<a href="#" onClick={this.onClick} className="no-deco" id="notice-icon" title="Notifications" aria-label="Notifications"> <a href="#" onClick={this.onClick} className="no-deco" id="notice-icon" title="Notifications" aria-label="Notifications">
<span className="sf2-icon-bell"></span> <span className="sf2-icon-bell"></span>
<span className="num hide">0</span> <span className="num hide">0</span>
</a> </a>
<div id="notice-popover" className={`sf-popover ${this.state.showNotice ? '': 'hide'}`}> <div id="notice-popover" className={`sf-popover ${this.state.showNotice ? '': 'hide'}`}>
<div className="outer-caret up-outer-caret"><div className="inner-caret"></div></div> <div className="outer-caret up-outer-caret"><div className="inner-caret"></div></div>
<div className="sf-popover-hd ovhd"> <div className="sf-popover-hd ovhd">
<h3 className="sf-popover-title title">{gettext('Notifications')}</h3> <h3 className="sf-popover-title title">{gettext('Notifications')}</h3>
<a href="#" onClick={this.onClick} title={gettext('Close')} aria-label={gettext('Close')} className="sf-popover-close js-close sf2-icon-x1 op-icon float-right"></a> <a href="#" onClick={this.onClick} title={gettext('Close')} aria-label={gettext('Close')} className="sf-popover-close js-close sf2-icon-x1 op-icon float-right"></a>
</div> </div>
<div className="sf-popover-con"> <div className="sf-popover-con">
<ul className="notice-list" dangerouslySetInnerHTML={{__html: notice_html}}> <ul className="notice-list" dangerouslySetInnerHTML={{__html: notice_html}}>
</ul> </ul>
<a href="/notification/list/" className="view-all">{gettext('See All Notifications')}</a> <a href="/notification/list/" className="view-all">{gettext('See All Notifications')}</a>
</div> </div>
</div> </div>
</div> </div>
) )
} }
} }
export default Notification; export default Notification;
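Review bot: `notice_html` from `seafileAPI.listPopupNotices()` is written into the page with `dangerouslySetInnerHTML` on the `<ul className="notice-list">` in `render()`, and nothing in this file escapes or sanitizes it. Both sides of this section read the same on this page, so the commit appears to carry that sink forward unchanged. Whether it is safe depends on the server HTML-escaping every user-controlled field it places in the notice markup, which is not visible here. At minimum record that assumption above the `<ul>`, e.g. `{/* notice_html is server-rendered; user-controlled fields must be HTML-escaped before it reaches this component */}`, or render the notices from structured data instead of an HTML string.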


@@ -1,27 +1,27 @@
export const dirPath = '/'; export const dirPath = '/';
export const gettext = window.gettext; export const gettext = window.gettext;
export const siteRoot = window.app.config.siteRoot; export const siteRoot = window.app.config.siteRoot;
export const avatarInfo = window.app.config.avatarInfo; export const avatarInfo = window.app.config.avatarInfo;
export const logoPath = window.app.config.logoPath; export const logoPath = window.app.config.logoPath;
export const mediaUrl = window.app.config.mediaUrl; export const mediaUrl = window.app.config.mediaUrl;
export const siteTitle = window.app.config.siteTitle; export const siteTitle = window.app.config.siteTitle;
export const logoWidth = window.app.config.logoWidth; export const logoWidth = window.app.config.logoWidth;
export const logoHeight = window.app.config.logoHeight; export const logoHeight = window.app.config.logoHeight;
export const isPro = window.app.config.isPro === "True"; export const isPro = window.app.config.isPro === "True";
export const lang = window.app.config.lang; export const lang = window.app.config.lang;
export const fileServerRoot = window.app.config.fileServerRoot; export const fileServerRoot = window.app.config.fileServerRoot;
// wiki // wiki
export const slug = window.wiki ? window.wiki.config.slug : ''; export const slug = window.wiki ? window.wiki.config.slug : '';
export const repoID = window.wiki ? window.wiki.config.repoId : ''; export const repoID = window.wiki ? window.wiki.config.repoId : '';
export const serviceUrl = window.wiki ? window.wiki.config.serviceUrl : ''; export const serviceUrl = window.wiki ? window.wiki.config.serviceUrl : '';
export const initialFilePath = window.wiki ? window.wiki.config.initial_file_path : ''; export const initialFilePath = window.wiki ? window.wiki.config.initial_file_path : '';
export const permission = window.wiki ? window.wiki.config.permission === 'True' : ''; export const permission = window.wiki ? window.wiki.config.permission === 'True' : '';
// file history // file history
export const PER_PAGE = 25; export const PER_PAGE = 25;
export const historyRepoID = window.fileHistory ? window.fileHistory.pageOptions.repoID : ''; export const historyRepoID = window.fileHistory ? window.fileHistory.pageOptions.repoID : '';
export const repoName = window.fileHistory ? window.fileHistory.pageOptions.repoName : ''; export const repoName = window.fileHistory ? window.fileHistory.pageOptions.repoName : '';
export const filePath = window.fileHistory ? window.fileHistory.pageOptions.filePath : ''; export const filePath = window.fileHistory ? window.fileHistory.pageOptions.filePath : '';
export const fileName = window.fileHistory ? window.fileHistory.pageOptions.fileName : ''; export const fileName = window.fileHistory ? window.fileHistory.pageOptions.fileName : '';


@@ -1,188 +1,188 @@
import React from 'react'; import React from 'react';
import { Link } from '@reach/router'; import { Link } from '@reach/router';
import { gettext, siteRoot } from './constants'; import { gettext, siteRoot } from './constants';
import { seafileAPI } from '../utils/seafile-api'; import { seafileAPI } from '../utils/seafile-api';
class MainSideNav extends React.Component { class MainSideNav extends React.Component {
constructor(props) { constructor(props) {
super(props); super(props);
let currentTab = this.props.currentTab || ''; let currentTab = this.props.currentTab || '';
this.state = { this.state = {
groupsExtended: false, groupsExtended: false,
sharedExtended: false, sharedExtended: false,
closeSideBar:false, closeSideBar:false,
groupItems: [], groupItems: [],
currentTab: currentTab, currentTab: currentTab,
}; };
this.listHeight = 24; //for caculate tabheight this.listHeight = 24; //for caculate tabheight
this.groupsHeight = 0; this.groupsHeight = 0;
this.adminHeight = 0; this.adminHeight = 0;
} }
grpsExtend = () => { grpsExtend = () => {
this.setState({ this.setState({
groupsExtended: !this.state.groupsExtended, groupsExtended: !this.state.groupsExtended,
}) })
this.loadGroups(); this.loadGroups();
} }
shExtend = () => { shExtend = () => {
this.setState({ this.setState({
sharedExtended: !this.state.sharedExtended, sharedExtended: !this.state.sharedExtended,
}) })
} }
loadGroups = () => { loadGroups = () => {
let _this = this; let _this = this;
seafileAPI.listGroups().then(res =>{ seafileAPI.listGroups().then(res =>{
let data = res.data.groups; let data = res.data.groups;
this.groupsHeight = (data.length + 1) * _this.listHeight; this.groupsHeight = (data.length + 1) * _this.listHeight;
_this.setState({ _this.setState({
groupItems: data groupItems: data
}) })
}) })
} }
tabItemClick = (param) => { tabItemClick = (param) => {
this.setState({ this.setState({
currentTab: param currentTab: param
}) })
} }
renderSharedGroups() { renderSharedGroups() {
let style = {height: 0}; let style = {height: 0};
if (this.state.groupsExtended) { if (this.state.groupsExtended) {
style = {height: this.groupsHeight}; style = {height: this.groupsHeight};
} }
return ( return (
<ul className={`grp-list ${this.state.groupsExtended ? 'side-panel-slide' : 'side-panel-slide-up'}`} style={style}> <ul className={`grp-list ${this.state.groupsExtended ? 'side-panel-slide' : 'side-panel-slide-up'}`} style={style}>
<li className={this.state.currentTab === 'groups' ? 'tab-cur' : ''}> <li className={this.state.currentTab === 'groups' ? 'tab-cur' : ''}>
<a href={siteRoot + '#groups/'} onClick={() => this.tabItemClick('groups')}> <a href={siteRoot + '#groups/'} onClick={() => this.tabItemClick('groups')}>
<span className="sharp" aria-hidden="true">#</span> <span className="sharp" aria-hidden="true">#</span>
All Groups All Groups
</a> </a>
</li> </li>
{this.state.groupItems.map(item => { {this.state.groupItems.map(item => {
return ( return (
<li key={item.id} className={this.state.currentTab === item.id ? 'tab-cur' : ''}> <li key={item.id} className={this.state.currentTab === item.id ? 'tab-cur' : ''}>
<a href={siteRoot + '#group/' + item.id + '/'} className="ellipsis" onClick={() => this.tabItemClick(item.id)}> <a href={siteRoot + '#group/' + item.id + '/'} className="ellipsis" onClick={() => this.tabItemClick(item.id)}>
<span className="sharp" aria-hidden="true">#</span> <span className="sharp" aria-hidden="true">#</span>
{item.name} {item.name}
</a> </a>
</li> </li>
) )
})} })}
</ul> </ul>
) )
} }
renderSharedAdmin() { renderSharedAdmin() {
let height = 0; let height = 0;
if (this.state.sharedExtended) { if (this.state.sharedExtended) {
if (!this.adminHeight) { if (!this.adminHeight) {
this.adminHeight = 3 * this.listHeight; this.adminHeight = 3 * this.listHeight;
} }
height = this.adminHeight; height = this.adminHeight;
} }
let style = {height: height}; let style = {height: height};
return ( return (
<ul className={`${this.state.sharedExtended ? 'side-panel-slide' : 'side-panel-slide-up'}`} style={style} > <ul className={`${this.state.sharedExtended ? 'side-panel-slide' : 'side-panel-slide-up'}`} style={style} >
<li className={this.state.currentTab === 'share-admin-libs' ? 'tab-cur' : ''}> <li className={this.state.currentTab === 'share-admin-libs' ? 'tab-cur' : ''}>
<a href={siteRoot + '#share-admin-libs/'} className="ellipsis" title={gettext('Libraries')} onClick={() => this.tabItemClick('share-admin-libs')}> <a href={siteRoot + '#share-admin-libs/'} className="ellipsis" title={gettext('Libraries')} onClick={() => this.tabItemClick('share-admin-libs')}>
<span aria-hidden="true" className="sharp">#</span> <span aria-hidden="true" className="sharp">#</span>
{gettext('Libraries')} {gettext('Libraries')}
</a> </a>
</li> </li>
<li className={this.state.currentTab === 'share-admin-folders' ? 'tab-cur' : ''}> <li className={this.state.currentTab === 'share-admin-folders' ? 'tab-cur' : ''}>
<a href={siteRoot + '#share-admin-folders/'} className="ellipsis" title={gettext('Folders')} onClick={() => this.tabItemClick('share-admin-folders')}> <a href={siteRoot + '#share-admin-folders/'} className="ellipsis" title={gettext('Folders')} onClick={() => this.tabItemClick('share-admin-folders')}>
<span aria-hidden="true" className="sharp">#</span> <span aria-hidden="true" className="sharp">#</span>
{gettext('Folders')} {gettext('Folders')}
</a> </a>
</li> </li>
<li className={this.state.currentTab === 'share-admin-share-links' ? 'tab-cur' : ''}> <li className={this.state.currentTab === 'share-admin-share-links' ? 'tab-cur' : ''}>
<a href={siteRoot + '#share-admin-share-links/'} className="ellipsis" title={gettext('Links')} onClick={() => this.tabItemClick('share-admin-share-links')}> <a href={siteRoot + '#share-admin-share-links/'} className="ellipsis" title={gettext('Links')} onClick={() => this.tabItemClick('share-admin-share-links')}>
<span aria-hidden="true" className="sharp">#</span> <span aria-hidden="true" className="sharp">#</span>
{gettext('Links')} {gettext('Links')}
</a> </a>
</li> </li>
</ul> </ul>
) )
} }
render() { render() {
return ( return (
<div id="side-nav" className="home-side-nav"> <div id="side-nav" className="home-side-nav">
<div className="side-nav-con"> <div className="side-nav-con">
<h3 className="sf-heading">Files</h3> <h3 className="sf-heading">Files</h3>
<ul className="side-tabnav-tabs"> <ul className="side-tabnav-tabs">
<li className={`tab ${this.state.currentTab === 'my-libs' ? 'tab-cur' : ''}`}> <li className={`tab ${this.state.currentTab === 'my-libs' ? 'tab-cur' : ''}`}>
<a href={ siteRoot + '#my-libs' } className="ellipsis" title={gettext('My Libraries')} onClick={() => this.tabItemClick('my-libs')}> <a href={ siteRoot + '#my-libs' } className="ellipsis" title={gettext('My Libraries')} onClick={() => this.tabItemClick('my-libs')}>
<span className="sf2-icon-user" aria-hidden="true"></span> <span className="sf2-icon-user" aria-hidden="true"></span>
{gettext('My Libraries')} {gettext('My Libraries')}
</a> </a>
</li> </li>
<li className={`tab ${this.state.currentTab === 'shared-libs' ? 'tab-cur' : ''}`}> <li className={`tab ${this.state.currentTab === 'shared-libs' ? 'tab-cur' : ''}`}>
<a href={ siteRoot + '#shared-libs/'} className="ellipsis" title={gettext('Shared with me')} onClick={() => this.tabItemClick('shared-libs')}> <a href={ siteRoot + '#shared-libs/'} className="ellipsis" title={gettext('Shared with me')} onClick={() => this.tabItemClick('shared-libs')}>
<span className="sf2-icon-share" aria-hidden="true"></span> <span className="sf2-icon-share" aria-hidden="true"></span>
{gettext('Shared with me')} {gettext('Shared with me')}
</a> </a>
</li> </li>
<li className={`tab ${this.state.currentTab === 'org' ? 'tab-cur' : ''}`} onClick={() => this.tabItemClick('org')}> <li className={`tab ${this.state.currentTab === 'org' ? 'tab-cur' : ''}`} onClick={() => this.tabItemClick('org')}>
<a href={ siteRoot + '#org/' } className="ellipsis" title={gettext('Shared with all')}> <a href={ siteRoot + '#org/' } className="ellipsis" title={gettext('Shared with all')}>
<span className="sf2-icon-organization" aria-hidden="true"></span> <span className="sf2-icon-organization" aria-hidden="true"></span>
{gettext('Shared with all')} {gettext('Shared with all')}
</a> </a>
</li> </li>
<li className="tab" id="group-nav"> <li className="tab" id="group-nav">
<a href="#" className="ellipsis user-select-no" title={gettext('Shared with groups')} onClick={this.grpsExtend}> <a href="#" className="ellipsis user-select-no" title={gettext('Shared with groups')} onClick={this.grpsExtend}>
<span className={`toggle-icon float-right fas ${this.state.groupsExtended ?'fa-caret-down':'fa-caret-left'}`} aria-hidden="true"></span> <span className={`toggle-icon float-right fas ${this.state.groupsExtended ?'fa-caret-down':'fa-caret-left'}`} aria-hidden="true"></span>
<span className="sf2-icon-group" aria-hidden="true"></span> <span className="sf2-icon-group" aria-hidden="true"></span>
{gettext('Shared with groups')} {gettext('Shared with groups')}
</a> </a>
{this.renderSharedGroups()} {this.renderSharedGroups()}
</li> </li>
</ul> </ul>
<h3 className="sf-heading">Tools</h3> <h3 className="sf-heading">Tools</h3>
<ul className="side-tabnav-tabs"> <ul className="side-tabnav-tabs">
<li className={`tab ${this.state.currentTab === 'favorites' ? 'tab-cur' : ''}`}> <li className={`tab ${this.state.currentTab === 'favorites' ? 'tab-cur' : ''}`}>
<a href={siteRoot + '#starred/'} title={gettext('Favorites')} onClick={() => this.tabItemClick('favorites')}> <a href={siteRoot + '#starred/'} title={gettext('Favorites')} onClick={() => this.tabItemClick('favorites')}>
<span className="sf2-icon-star" aria-hidden="true"></span> <span className="sf2-icon-star" aria-hidden="true"></span>
{gettext('Favorites')} {gettext('Favorites')}
</a> </a>
</li> </li>
<li className={`tab ${this.state.currentTab === 'dashboard' ? 'tab-cur' : ''}`}> <li className={`tab ${this.state.currentTab === 'dashboard' ? 'tab-cur' : ''}`}>
<Link to={siteRoot + 'dashboard'} title={gettext('Acitivities')} onClick={() => this.tabItemClick('dashboard')}> <Link to={siteRoot + 'dashboard'} title={gettext('Acitivities')} onClick={() => this.tabItemClick('dashboard')}>
<span className="sf2-icon-clock" aria-hidden="true"></span> <span className="sf2-icon-clock" aria-hidden="true"></span>
{gettext('Acitivities')} {gettext('Acitivities')}
</Link> </Link>
</li> </li>
<li className={`tab ${this.state.currentTab === 'devices' ? 'tab-cur' : ''}`}> <li className={`tab ${this.state.currentTab === 'devices' ? 'tab-cur' : ''}`}>
<a href={siteRoot + '#devices/'} className="ellipsis" title={gettext('Linked Devices')} onClick={() => this.tabItemClick('devices')}> <a href={siteRoot + '#devices/'} className="ellipsis" title={gettext('Linked Devices')} onClick={() => this.tabItemClick('devices')}>
<span className="sf2-icon-monitor" aria-hidden="true"></span> <span className="sf2-icon-monitor" aria-hidden="true"></span>
{gettext('Linked Devices')} {gettext('Linked Devices')}
</a> </a>
</li> </li>
<li className={`tab ${this.state.currentTab === 'drafts' ? 'tab-cur' : ''}`} onClick={() => this.tabItemClick('drafts')}> <li className={`tab ${this.state.currentTab === 'drafts' ? 'tab-cur' : ''}`} onClick={() => this.tabItemClick('drafts')}>
<Link to={siteRoot + 'drafts'} title={gettext('Drafts')}> <Link to={siteRoot + 'drafts'} title={gettext('Drafts')}>
<span className="sf2-icon-edit" aria-hidden="true"></span> <span className="sf2-icon-edit" aria-hidden="true"></span>
{gettext('Drafts')} {gettext('Drafts')}
</Link> </Link>
</li> </li>
<li className="tab" id="share-admin-nav"> <li className="tab" id="share-admin-nav">
<a href="#" className="ellipsis user-select-no" title={gettext('Share Admin')} onClick={this.shExtend}> <a href="#" className="ellipsis user-select-no" title={gettext('Share Admin')} onClick={this.shExtend}>
<span className={`toggle-icon float-right fas ${this.state.sharedExtended ? 'fa-caret-down':'fa-caret-left'}`} aria-hidden="true"></span> <span className={`toggle-icon float-right fas ${this.state.sharedExtended ? 'fa-caret-down':'fa-caret-left'}`} aria-hidden="true"></span>
<span aria-hidden="true" className="sf2-icon-wrench"></span> <span aria-hidden="true" className="sf2-icon-wrench"></span>
{gettext('Share Admin')} {gettext('Share Admin')}
</a> </a>
{this.renderSharedAdmin()} {this.renderSharedAdmin()}
</li> </li>
</ul> </ul>
</div> </div>
</div> </div>
) )
} }
} }
export default MainSideNav; export default MainSideNav;


@@ -1,52 +1,52 @@
import React from 'react'; import React from 'react';
import { gettext, siteRoot } from './constants'; import { gettext, siteRoot } from './constants';
import { Modal, ModalBody } from 'reactstrap'; import { Modal, ModalBody } from 'reactstrap';
class About extends React.Component { class About extends React.Component {
constructor(props) { constructor(props) {
super(props); super(props);
this.state = { this.state = {
modal: false modal: false
}; };
} }
toggle = () => { toggle = () => {
this.setState({ this.setState({
modal: !this.state.modal modal: !this.state.modal
}); });
} }
render() { render() {
return ( return (
<div> <div>
<a href="#" className="item" onClick={this.toggle}>{gettext('About')}</a> <a href="#" className="item" onClick={this.toggle}>{gettext('About')}</a>
<Modal isOpen={this.state.modal} toggle={this.toggle} className={this.props.className}> <Modal isOpen={this.state.modal} toggle={this.toggle} className={this.props.className}>
<ModalBody> <ModalBody>
<div className="about-content"> <div className="about-content">
<p><img src="/media/img/seafile-logo.png" title="Private Seafile" alt="logo" width="128" height="32" /></p> <p><img src="/media/img/seafile-logo.png" title="Private Seafile" alt="logo" width="128" height="32" /></p>
<p>{gettext('Server Version: 6.3.3')}<br />{gettext('© 2018 Seafile')}</p> <p>{gettext('Server Version: 6.3.3')}<br />{gettext('© 2018 Seafile')}</p>
<p><a href="http://seafile.com/about/" target="_blank">{gettext('About Us')}</a></p> <p><a href="http://seafile.com/about/" target="_blank">{gettext('About Us')}</a></p>
</div> </div>
</ModalBody> </ModalBody>
</Modal> </Modal>
</div> </div>
); );
} }
} }
class SideNavFooter extends React.Component { class SideNavFooter extends React.Component {
render() { render() {
return ( return (
<div className="side-nav-footer"> <div className="side-nav-footer">
<a href={siteRoot + 'help/'} target="_blank" className="item">{gettext('Help')}</a> <a href={siteRoot + 'help/'} target="_blank" className="item">{gettext('Help')}</a>
<About /> <About />
<a href={siteRoot + 'download_client_program/'} className="item last-item"> <a href={siteRoot + 'download_client_program/'} className="item last-item">
<span aria-hidden="true" className="sf2-icon-monitor vam"></span>{' '} <span aria-hidden="true" className="sf2-icon-monitor vam"></span>{' '}
<span className="vam">{gettext('Clients')}</span> <span className="vam">{gettext('Clients')}</span>
</a> </a>
</div> </div>
); );
} }
} }
export default SideNavFooter; export default SideNavFooter;
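Review bot: The `About Us` link in `About.render()` opens `http://seafile.com/about/` with `target="_blank"` and no `rel`, so in browsers that do not default to noopener the opened page receives a `window.opener` handle to the Seafile tab, and the link itself is plain HTTP. I would change it to `<a href="https://seafile.com/about/" target="_blank" rel="noopener noreferrer">` (assuming the site serves HTTPS) and add the same `rel` to the `Help` link in `SideNavFooter.render()`. Both sides of this section read the same on this page, so this is existing code the commit carries forward rather than something it introduces.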